1. Technical Field
The present invention is directed to a system, apparatus and method for updating security configurations of a plurality of servers from a centralized directory server.
2. Description of Related Art
As businesses and organizations grow in size, their computer networks also grow to accommodate the increasing workload. It is not unusual for large businesses and organizations to have hundreds or thousands of network servers located in many different geographical locations. As the computer networks increase in size, security issues become more of a problem.
For example, many computer networks make use of Windows NT Servers, available from Microsoft Corporation, which provide resources and store files for use by users of the computer network. The resources and files of the Windows NT Servers have access control lists (ACLs) associated with them. An ACL is a set of data associated with a file, directory or other resource that defines the permissions that users and/or groups have for accessing it.
As the computer network grows in size, the number of servers and resources/files on the computer network increase. A user may be granted access to resources/files on a large number of the servers of the computer network. If a user's access to the computer network is changed, each server of the computer network must be updated to reflect the user's new access. Such updates require that the ACL of each file on each server of the computer network to which the user had access and the ACL of each file on each server to which the user will be granted access, be updated.
The current manner in which this access update is accomplished is to have a human network administrator log onto each server individually and update the ACLs to reflect the user's new access. When the computer network has grown to a large size, such updates become impractical. As a result, many businesses and organizations do not make use of the ACLs or do not update them to reflect changes in user access. As a result a serious security problem arises. Thus, it would be advantageous to have a system, apparatus and method for updating security configurations of a plurality of servers from a centralized location.